[PATCH 5.8 68/99] KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Jim Mattson <jmattson@google.com>,
	Peter Shier <pshier@google.com>, Oliver Upton <oupton@google.com>,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.8 68/99] KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
Date: Tue, 29 Sep 2020 13:01:51 +0200	[thread overview]
Message-ID: <20200929105933.073320085@linuxfoundation.org> (raw)
In-Reply-To: <20200929105929.719230296@linuxfoundation.org>

From: Sean Christopherson <sean.j.christopherson@intel.com>

[ Upstream commit 8d214c481611b29458a57913bd786f0ac06f0605 ]

Reset the MMU context during kvm_set_cr4() if SMAP or PKE is toggled.
Recent commits to (correctly) not reload PDPTRs when SMAP/PKE are
toggled inadvertantly skipped the MMU context reset due to the mask
of bits that triggers PDPTR loads also being used to trigger MMU context
resets.

Fixes: 427890aff855 ("kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode")
Fixes: cb957adb4ea4 ("kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode")
Cc: Jim Mattson <jmattson@google.com>
Cc: Peter Shier <pshier@google.com>
Cc: Oliver Upton <oupton@google.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200923215352.17756-1-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/x86/kvm/x86.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index f5481ae588aff..a04f8abd0ead9 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -968,6 +968,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 	unsigned long old_cr4 = kvm_read_cr4(vcpu);
 	unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE |
 				   X86_CR4_SMEP;
+	unsigned long mmu_role_bits = pdptr_bits | X86_CR4_SMAP | X86_CR4_PKE;
 
 	if (kvm_valid_cr4(vcpu, cr4))
 		return 1;
@@ -995,7 +996,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 	if (kvm_x86_ops.set_cr4(vcpu, cr4))
 		return 1;
 
-	if (((cr4 ^ old_cr4) & pdptr_bits) ||
+	if (((cr4 ^ old_cr4) & mmu_role_bits) ||
 	    (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE)))
 		kvm_mmu_reset_context(vcpu);
 
-- 
2.25.1

next prev parent reply	other threads:[~2020-09-29 11:51 UTC|newest]

Thread overview: 110+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-29 11:00 [PATCH 5.8 00/99] 5.8.13-rc1 review Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 01/99] device_cgroup: Fix RCU list debugging warning Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 02/99] ASoC: pcm3168a: ignore 0 Hz settings Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 03/99] ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 04/99] ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 05/99] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 06/99] clk: versatile: Add of_node_put() before return statement Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 07/99] RISC-V: Take text_mutex in ftrace_init_nop() Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 08/99] i2c: aspeed: Mask IRQ status to relevant bits Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 09/99] s390/init: add missing __init annotations Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 10/99] lockdep: fix order in trace_hardirqs_off_caller() Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 11/99] EDAC/ghes: Check whether the driver is on the safe list correctly Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 12/99] drm/amdkfd: fix a memory leak issue Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 13/99] drm/amd/display: Dont use DRM_ERROR() for DTM add topology Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 14/99] drm/amd/display: update nv1x stutter latencies Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 15/99] drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 16/99] drm/amd/display: Dont log hdcp module warnings in dmesg Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 17/99] i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 18/99] objtool: Fix noreturn detection for ignored functions Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 19/99] i2c: mediatek: Send i2c master code at more than 1MHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 20/99] riscv: Fix Kendryte K210 device tree Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 21/99] ieee802154: fix one possible memleak in ca8210_dev_com_init Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 22/99] ieee802154/adf7242: check status of adf7242_read_reg Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 23/99] clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 24/99] mwifiex: Increase AES key storage size to 256 bits Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 25/99] batman-adv: bla: fix type misuse for backbone_gw hash indexing Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 26/99] libbpf: Fix build failure from uninitialized variable warning Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 27/99] atm: eni: fix the missed pci_disable_device() for eni_init_one() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 28/99] batman-adv: mcast/TT: fix wrongly dropped or rerouted packets Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 29/99] netfilter: ctnetlink: add a range check for l3/l4 protonum Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 30/99] netfilter: ctnetlink: fix mark based dump filtering regression Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 31/99] netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 32/99] netfilter: nft_meta: use socket user_ns to retrieve skuid and skgid Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 33/99] mac802154: tx: fix use-after-free Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 34/99] bpf: Fix clobbering of r2 in bpf_gen_ld_abs Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 35/99] tools/libbpf: Avoid counting local symbols in ABI check Greg Kroah-Hartman
2020-09-29 21:54   ` Justin Forbes
2020-09-30  5:02     ` Tony Ambardar
2020-09-30 15:40       ` Justin Forbes
2020-09-29 11:01 ` [PATCH 5.8 36/99] drm/vc4/vc4_hdmi: fill ASoC card owner Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 37/99] net: qed: Disable aRFS for NPAR and 100G Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 38/99] net: qede: " Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 39/99] net: qed: RDMA personality shouldnt fail VF load Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 40/99] igc: Fix wrong timestamp latency numbers Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 41/99] igc: Fix not considering the TX delay for timestamps Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 42/99] drm/sun4i: sun8i-csc: Secondary CSC register correction Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 43/99] hv_netvsc: Switch the data path at the right time during hibernation Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 44/99] spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 45/99] RDMA/core: Fix ordering of CQ pool destruction Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 46/99] batman-adv: Add missing include for in_interrupt() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 47/99] xsk: Fix number of pinned pages/umem size discrepancy Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 48/99] nvme-tcp: fix kconfig dependency warning when !CRYPTO Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 49/99] batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 50/99] batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 51/99] batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 52/99] bpf: Fix a rcu warning for bpffs map pretty-print Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 53/99] lib80211: fix unmet direct dependendices config warning when !CRYPTO Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 54/99] mac80211: do not disable HE if HT is missing on 2.4 GHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 55/99] cfg80211: fix 6 GHz channel conversion Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 56/99] mac80211: fix 80 MHz association to 160/80+80 AP on 6 GHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 57/99] ALSA: asihpi: fix iounmap in error handler Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 58/99] io_uring: fix openat/openat2 unified prep handling Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 59/99] SUNRPC: Fix svc_flush_dcache() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 60/99] regmap: fix page selection for noinc reads Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 61/99] regmap: fix page selection for noinc writes Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 62/99] net/mlx5e: mlx5e_fec_in_caps() returns a boolean Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 63/99] MIPS: Loongson-3: Fix fp register access if MSA enabled Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 64/99] PM / devfreq: tegra30: Disable clock on error in probe Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 65/99] MIPS: Add the missing CPU_1074K into __get_cpu_type() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 66/99] regulator: axp20x: fix LDO2/4 description Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 67/99] spi: bcm-qspi: Fix probe regression on iProc platforms Greg Kroah-Hartman
2020-09-29 11:01 ` Greg Kroah-Hartman [this message]
2020-09-29 11:01 ` [PATCH 5.8 69/99] KVM: SVM: Add a dedicated INVD intercept routine Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 70/99] mm: validate pmd after splitting Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 71/99] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 72/99] x86/irq: Make run_on_irqstack_cond() typesafe Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 73/99] x86/ioapic: Unbreak check_timer() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 74/99] scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 75/99] ALSA: usb-audio: Add delay quirk for H570e USB headsets Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 76/99] ALSA: hda/realtek - Couldnt detect Mic if booting with headset plugged Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 77/99] ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 78/99] lib/string.c: implement stpcpy Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 79/99] tracing: fix double free Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 80/99] s390/dasd: Fix zero write for FBA devices Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 81/99] mt76: mt7615: use v1 MCU API on MT7615 to fix issues with adding/removing stations Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 82/99] lib/bootconfig: Fix a bug of breaking existing tree nodes Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 83/99] lib/bootconfig: Fix to remove tailing spaces after value Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 84/99] kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 85/99] kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 86/99] btrfs: fix put of uninitialized kobject after seed device delete Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 87/99] btrfs: fix overflow when copying corrupt csums for a message Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 88/99] media: cec-adap.c: dont use flush_scheduled_work() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 89/99] MIPS: Loongson2ef: Disable Loongson MMI instructions Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 90/99] dmabuf: fix NULL pointer dereference in dma_buf_release() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 91/99] mm, THP, swap: fix allocating cluster for swapfile by mistake Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 92/99] mm/gup: fix gup_fast with dynamic page table folding Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 93/99] mm: replace memmap_context by meminit_context Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 94/99] mm: dont rely on system state to detect hot-plug operations Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 95/99] s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 96/99] io_uring: ensure open/openat2 name is cleaned on cancelation Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 97/99] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 98/99] dm: fix bio splitting and its bio completion order for regular IO Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 99/99] clocksource/drivers/timer-ti-dm: Do reset before enable Greg Kroah-Hartman
2020-09-29 13:39 ` [PATCH 5.8 00/99] 5.8.13-rc1 review Jeffrin Jose T
2020-09-29 20:54 ` Guenter Roeck
2020-10-01 19:23   ` Greg Kroah-Hartman
2020-09-30  7:28 ` Naresh Kamboju
2020-10-01 19:24   ` Greg Kroah-Hartman
2020-09-30 14:26 ` Shuah Khan
2020-10-01 19:24   ` Greg Kroah-Hartman

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:f5481ae588af dfblob:a04f8abd0ead
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200929105933.073320085@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=jmattson@google.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=oupton@google.com \
    --cc=pbonzini@redhat.com \
    --cc=pshier@google.com \
    --cc=sashal@kernel.org \
    --cc=sean.j.christopherson@intel.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).